Man Behind DDoS Attacks on Gaming Companies Pleads Guilty

A 23-year-old man from Utah pleaded guilty this week to launching distributed denial-of-service (DDoS) attacks against several online gaming companies in 2013 and 2014.

According to the U.S. Justice Department, Austin Thompson targeted servers belonging to Sony Online Entertainment (later spun off and renamed Daybreak Game Company) and other companies. The man announced his attacks via the Twitter account @DerpTrolling.

The account still exists, but it hasn’t been active since January 2016, when it resumed tweeting after a break of more than one year.

Thompson has pleaded guilty to causing damage that exceeds $95,000 to a protected computer, for which he faces up to 10 years in prison, a fine of $250,000, and 3 years of supervised release. His sentencing is scheduled for March 1, 2019.

While authorities charged the Utah man for attacks between 2013 and 2014, DerpTrolling was active since 2011. DerpTrolling made some headlines in 2013 and 2014 after disrupting online gaming servers owned by EA, Sony, Riot Games, Microsoft, Nintendo and Valve.

At one point, the cybercriminal leaked some account credentials allegedly belonging to PlayStation Network, Windows Live and 2K Games users, but it later turned out that the data was either fake or not obtained as a result of a breach, as DerpTrolling claimed.

“Denial-of-service attacks cost businesses millions of dollars annually,” said U.S. Attorney Adam Braverman. “We are committed to finding and prosecuting those who disrupt businesses, often for nothing more than ego.”

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.